Lucene search
K

744 matches found

OSV
OSV
added 2026/03/19 12:51 p.m.4 views

GHSA-WVR4-3WQ4-GPC5 MCP Connect has unauthenticated remote OS command execution via /bridge endpoint

Summary When AUTHTOKEN and ACCESSTOKEN environment variables are not set which is the default out-of-the-box configuration the /bridge HTTP endpoint is completely unauthenticated. Any network-accessible caller can POST a request with an attacker-controlled serverPath and args payload, causing the...

9.8CVSS6.7AI score
Exploits0References2
OSV
OSV
added 2026/03/09 7:35 p.m.5 views

CVE-2025-62166 FreshRSS has an IDOR which allows for viewing feeds of any user and leaking tokens

FreshRSS is a free, self-hostable RSS aggregator. Prior 1.28.0, a bug in the auth logic related to master authentication tokens, this restriction is bypassed. Usually only the default user's feed should be viewable if anonymous viewing is enabled, and feeds of other users should be private. This...

7.5CVSS5.8AI score0.0038EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/08 1:44 a.m.6 views

CVE-2026-30845

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

8.2CVSS5.7AI score0.00291EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.9 views

DSA Study Hub 安全漏洞

DSA Study Hub is an interactive data structure and algorithm learning platform developed by toxicbishop, a personal developer. Previous versions of DSA Study Hub d527fba had security vulnerabilities. These vulnerabilities stemmed from the fact that authentication tokens were stored in HTTP cookie...

9.1CVSS5.8AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/06 7:34 p.m.6 views

EUVD-2026-10064

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

6.9CVSS5.7AI score0.00291EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.6 views

PT-2026-23745

🚨 CVE-2026-30845 Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to a...

8.2CVSS5.7AI score0.00291EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.8 views

PT-2026-23539

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.12 Description The software uses non-constant-time string comparison for hook token validation. This allows attackers to potentially infer tokens through timing measurements. Remote attackers with network acce...

8.2CVSS5.7AI score0.00386EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/02/27 7:44 p.m.8 views

CVE-2026-26077

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints SendGrid, Mailjet, Mandrill, Postmark, SparkPost in the WebhooksController accepted requests without a valid authentication token when no token was configured. This...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/27 2:17 a.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the GetTaskAttachment handler in the API attachment download component. An attacker can execute arbitrary JavaScript and expose authentication tokens by uploading an SVG attachment whose crafted filename...

7.6CVSS5.7AI score0.00453EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/27 2:17 a.m.7 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the GetTaskAttachment handler in the API attachment download component. An attacker can execute arbitrary JavaScript and expose authentication tokens by uploading an SVG attachment whose crafted filename...

7.6CVSS5.7AI score0.00453EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/27 2:17 a.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the GetTaskAttachment handler in the API attachment download component. An attacker can execute arbitrary JavaScript and expose authentication tokens by uploading an SVG attachment whose crafted filename...

7.6CVSS5.7AI score0.00453EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/26 10:55 p.m.3 views

CVE-2026-28274 Initiative Vulnerable to Token Theft via Stored XSS in Document Uploads

Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting XSS in the document upload functionality. Any user with upload permissions within the "Initiatives" section can upload a malicious .html or .htm file ...

8.7CVSS6.1AI score0.00551EPSS
Exploits1References2
OSV
OSV
added 2026/02/26 10:55 p.m.4 views

CVE-2026-28274 Initiative Vulnerable to Token Theft via Stored XSS in Document Uploads

Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting XSS in the document upload functionality. Any user with upload permissions within the "Initiatives" section can upload a malicious .html or .htm file ...

8.7CVSS5.8AI score0.00551EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/26 2:58 p.m.7 views

CVE-2026-26077

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, several webhook endpoints SendGrid, Mailjet, Mandrill, Postmark, SparkPost in the WebhooksController accepted requests without a valid authentication token when no token was configured. This...

6.5CVSS5.3AI score0.0024EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.9 views

Initiative 代码问题漏洞

Initiative is an open-source project management platform developed by Morelitea. Versions of Initiative prior to 0.32.4 contained code vulnerabilities. These vulnerabilities stemmed from a storage-type cross-site scripting vulnerability in the document upload function, which could lead to the...

8.7CVSS5.7AI score0.00551EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.5 views

PT-2026-22211

Name of the Vulnerable Software and Affected Versions hoppscotch versions prior to 2026.2.0 Description hoppscotch is an API development ecosystem. Prior to version 2026.2.0, any logged-in user could read, modify, or delete another user's personal environment by ID. The issue arises from missing...

8.3CVSS6AI score0.00394EPSS
Exploits1References9
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.7 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.206 contained security vulnerabilities, which were caused by the use of predictable authentication tokens, potentially leading...

9.8CVSS5.8AI score0.00668EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.26 views

Tattile Smart+ 代码问题漏洞

Tattile Smart+ is a smart license plate recognition camera developed by the Italian company Tattile. There are code-related vulnerabilities in Tattile Smart+, Vega, and Basic 1.181.5 and earlier versions. These vulnerabilities stem from an inadequate mechanism for handling expired authentication...

9.8CVSS5.8AI score0.00716EPSS
Exploits3References3
OSV
OSV
added 2026/02/19 6:31 p.m.4 views

GHSA-FJF4-6F34-W64Q Keycloak: Missing Check on Disabled Client for Docker Registry Protocol

A flaw was identified in the Docker v2 authentication endpoint of Keycloak, where tokens continue to be issued even after a Docker registry client has been administratively disabled. This means that turning the client “Enabled” setting to OFF does not fully prevent access. As a result, previously...

3.8CVSS5.7AI score0.0033EPSS
Exploits0References8
CVE
CVE
added 2026/02/19 7:48 a.m.55 views

CVE-2026-2733

Summary: CVE-2026-2733 affects Keycloak’s Docker v2 authentication endpoint via the org.keycloak/keycloak-services component. The root cause is a missing check on a disabled client, allowing tokens to be issued even after the client has been turned OFF. This weakens administrative controls and co...

3.8CVSS5.4AI score0.0033EPSS
Exploits0References4
Rows per page
Query Builder